<div>Hi all,</div>
<div> </div>
<div>I try to enable the Role Base Authorization in Guvnor after it was running fine with the default login mechanism.</div>
<div>But, encountered some problem with the attempt. </div>
<div> </div>
<div>What I did was that in the components.xml, </div>
<div>- commented out the default &lt;security:identity authenticate-method=&quot;#{defaultAuthenticator.authenticate}&quot;/&gt;</div>
<div>- uncomment the &lt;security:identity authenticate-method=&quot;#{authenticator.authenticate}&quot; jaas-config-name=&quot;other&quot;/&gt;</div>
<div>- change the role base authorization to true, &lt;security:role-based-permission-resolver enable-role-based-authorization=&quot;true&quot;/&gt;</div>
<div> </div>
<div>And at the login-config.xml</div>
<div>I have changed the &quot;other&quot; application policy to </div>
<div>    &lt;application-policy name = &quot;other&quot;&gt;<br>       &lt;authentication&gt;<br>          &lt;login-module code = &quot;org.jboss.security.auth.spi.UsersRolesLoginModule&quot;<br>             flag = &quot;required&quot; &gt;<br>
           &lt;module-option name=&quot;usersProperties&quot;&gt;props/guvnor-users.properties&lt;/module-option&gt;<br>           &lt;module-option name=&quot;rolesProperties&quot;&gt;props/guvnor-roles.properties&lt;/module-option&gt;<br>
          &lt;/login-module&gt;<br>       &lt;/authentication&gt;<br>    &lt;/application-policy&gt;</div>
<div> </div>
<div>guvnor-users.properties</div>
<div>admin=admin12<br>krisv=krisv<br>john=john<br>mary=mary</div>
<div> </div>
<div>guvnor-roles.properties</div>
<div>admin=admin<br>krisv=admin,manager,user<br>john=admin,manager,user<br>mary=admin,manager,user</div>
<div> </div>
<div>After restarting JBoss, I can login based on the user and password defined in the guvnor-users.properties.</div>
<div>And, by changing the password in the properties, I verified that it is taking in the value from the file itself.</div>
<div> </div>
<div>However, when I login as user admin and tried to access the Administration | User Permission or Event Log, </div>
<div>I&#39;m prompt &quot;Sorry, insufficient permissions to perform this action.&quot;</div>
<div> </div>
<div>The error from the console is </div>
<div>11:15:36,046 INFO  [STDOUT] ERROR 29-07 11:15:36,046 (LoggingHelper.java:error:76)<br>Service method &#39;public abstract java.util.Map org.drools.guvnor.client.rpc.RepositoryService.listUserPermissions() <br>       throws org.drools.guvnor.client.rpc.DetailedSerializationException&#39; <br>
       threw an unexpected exception: org.jboss.seam.security.AuthorizationException: <br>         Authorization check failed for permission[org.drools.guvnor.server.security.AdminType@bf7a4d,admin]<br>org.jboss.seam.security.AuthorizationException: Authorization check failed for permission[org.drools.guvnor.server.security.AdminType@bf7a4d,admin]<br>
        at org.jboss.seam.security.Identity.checkPermission(Identity.java:581)<br>        at org.drools.guvnor.server.ServiceImplementation.listUserPermissions(ServiceImplementation.java:2604)</div>
<div>.....</div>
<div> </div>
<div>Checking on the org.drools.guvnor.server.security.RoleTypes code, the available role should be</div>
<div>admin</div>
<div>analyst</div>
<div>analyst.readonly</div>
<div>package.admin</div>
<div>package.developer</div>
<div>package.readonly</div>
<div> </div>
<div>Can anyone help to let me know what&#39;s wrong with my configuration?</div>
<div> </div>
<div>Thanks.</div>
<div> </div>
<div> </div>
<div>Han Ming </div>